pkgs/development/python-modules/pyopenssl/default.nix at 23.05-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / pkgs / development / python-modules / pyopenssl / default.nix
at 23.05-pre 2.5 kB view raw
 1{ lib
 2, stdenv
 3, buildPythonPackage
 4, fetchPypi
 5, openssl
 6, cryptography
 7, pytestCheckHook
 8, pretend
 9, flaky
10}:
11
12buildPythonPackage rec {
13  pname = "pyopenssl";
14  version = "22.1.0";
15
16  outputs = [ "out" "dev" ];
17
18  src = fetchPypi {
19    pname = "pyOpenSSL";
20    inherit version;
21    sha256 = "sha256-eoO3snLdWVIi1nL1zimqAw8fuDdjDvIp9i5y45XOiWg=";
22  };
23
24  postPatch = ''
25    # remove cryptography pin
26    sed "/cryptography/ s/,<[0-9]*//g" setup.py
27  '';
28
29  # Seems to fail unpredictably on Darwin. See https://hydra.nixos.org/build/49877419/nixlog/1
30  # for one example, but I've also seen ContextTests.test_set_verify_callback_exception fail.
31  doCheck = !stdenv.isDarwin;
32
33  nativeBuildInputs = [ openssl ];
34  propagatedBuildInputs = [ cryptography ];
35
36  checkInputs = [ pytestCheckHook pretend flaky ];
37
38  preCheck = ''
39    export LANG="en_US.UTF-8"
40  '';
41
42  disabledTests = [
43    # https://github.com/pyca/pyopenssl/issues/692
44    # These tests, we disable always.
45    "test_set_default_verify_paths"
46    "test_fallback_default_verify_paths"
47    # https://github.com/pyca/pyopenssl/issues/768
48    "test_wantWriteError"
49    # https://github.com/pyca/pyopenssl/issues/1043
50    "test_alpn_call_failure"
51  ] ++ lib.optionals (lib.hasPrefix "libressl" openssl.meta.name) [
52    # https://github.com/pyca/pyopenssl/issues/791
53    # These tests, we disable in the case that libressl is passed in as openssl.
54    "test_op_no_compression"
55    "test_npn_advertise_error"
56    "test_npn_select_error"
57    "test_npn_client_fail"
58    "test_npn_success"
59    "test_use_certificate_chain_file_unicode"
60    "test_use_certificate_chain_file_bytes"
61    "test_add_extra_chain_cert"
62    "test_set_session_id_fail"
63    "test_verify_with_revoked"
64    "test_set_notAfter"
65    "test_set_notBefore"
66  ] ++ lib.optionals (lib.versionAtLeast (lib.getVersion openssl.name) "1.1") [
67    # these tests are extremely tightly wed to the exact output of the openssl cli tool, including exact punctuation.
68    "test_dump_certificate"
69    "test_dump_privatekey_text"
70    "test_dump_certificate_request"
71    "test_export_text"
72  ] ++ lib.optionals stdenv.is32bit [
73    # https://github.com/pyca/pyopenssl/issues/974
74    "test_verify_with_time"
75  ];
76
77  meta = with lib; {
78    description = "Python wrapper around the OpenSSL library";
79    homepage = "https://github.com/pyca/pyopenssl";
80    license = licenses.asl20;
81    maintainers = with maintainers; [ SuperSandro2000 ];
82    # https://github.com/pyca/pyopenssl/issues/873
83    broken = stdenv.isDarwin && stdenv.isAarch64;
84  };
85}